It is known in the art to use control units to control or regulate an internal combustion engine, a transmission, a steer-by-wire system, an air-conditioning system, etc., of a motor vehicle. On the one hand, the memory device of a control unit must allow the occasional modification of the computer program stored in the memory device and of the data stored therein, so that new program versions or modified limiting values, for example, may be realized for a regulation or control. For this purpose, the memory areas of the memory device in which the computer program and/or the data are/is stored, are deleted and overwritten by a modified computer program and modified data. On the other hand, it must be prevented, however, that unauthorized persons store a manipulated computer program and/or manipulated data in the memory device, since such actions may cause malfunctions of the control unit, which may ultimately result in a defect of the components to be controlled or regulated.
Published German patent document DE 196 19 354 describes a method for safeguarding a programming procedure in such a way that precisely those bytes that are also listed in a programming database may be programmed into the program device. The described method is a simplified hash-total method. In this process, so-called self-control data are written into the memory device of the control unit, concurrently with the computer program and the data. Since it is too time-consuming to include each programmed byte in a hash-total calculation, individual bytes or byte samples are extracted at random, in order to test the correct programming of the memory device on this basis. Such correct programming exists when all self-control data are found in the appropriate memory areas. This known method thus safeguards only the actual programming procedure. It does not protect against the memory device being programmed with a manipulated computer program and/or manipulated data. It also does not protect against the execution of a manipulated computer program and the use of manipulated data. Since the self-control data are part of the computer program or the data stream, unauthorized persons may manipulate the self-control data relatively easily in such a way that, despite a manipulated computer program or despite manipulated data, a correct programming of the memory device is detected and the manipulated computer program is executed using the manipulated data.
Published German patent document DE 196 23 145 describes a method for preventing an inadvertent execution of a delete and/or program routine of a control program for a memory device of a control unit. This is achieved in that, prior to the execution of a delete and/or program routine of the control program, other program components (so-called unlock sequences) must be executed or passwords input. Furthermore, it is ascertained whether an activated testing or programming device is connected before a delete or program routine is executed. Additional protection against unintentional overwriting of a computer program stored in the memory device of a control unit and/or of data stored therein is obtained by storing the executable code of the computer program and/or the data outside of their destination address. For example, it is recommended to store a RAM program outside the RAM, so that the program must be copied into the RAM prior to execution. However, the known method is unable to prevent the execution of an altered computer program stored in the memory element and/or the use of altered data stored therein.
An objective of the present invention is to provide an efficient protection against manipulation of the contents of a memory device of a control unit by unauthorized persons.